Page 2 of 2

Re: big bug all verison poker mavens 4.18,4.17,...

PostPosted: Sun May 04, 2014 2:04 pm
by datis
2014-05-04 18:18:49|Account|bootman +100 balance 100 (API)
2014-05-04 18:18:49|API|AccountsIncBalance from 46.165.-.- (Invoice=23774-12090996839, User=bootman, Amount=100 )
2014-05-04 18:18:49|Account|bootman +100 balance 200 (API)
2014-05-04 18:18:49|API|AccountsIncBalance from 46.165.-.- (Invoice=23774-12090996839, User=bootman, Amount=100 )

Re: big bug all verison poker mavens 4.18,4.17,...

PostPosted: Sun May 04, 2014 2:14 pm
by Kent Briggs
datis wrote:in her account ( in my web site) he click on the buy credit and pay 20000 call back event add to her accounte double 20000


There's nothing in Poker Mavens called "buy credit". Sounds like you have custom code on your web site making API calls.

Re: big bug all verison poker mavens 4.18,4.17,...

PostPosted: Sun May 04, 2014 2:17 pm
by Kent Briggs
datis wrote:2014-05-04 18:18:49|Account|bootman +100 balance 100 (API)
2014-05-04 18:18:49|API|AccountsIncBalance from 46.165.-.- (Invoice=23774-12090996839, User=bootman, Amount=100 )
2014-05-04 18:18:49|Account|bootman +100 balance 200 (API)
2014-05-04 18:18:49|API|AccountsIncBalance from 46.165.-.- (Invoice=23774-12090996839, User=bootman, Amount=100 )


You need to check your own code. It looks like it's making double calls.

Re: big bug all verison poker mavens 4.18,4.17,...

PostPosted: Thu Oct 23, 2014 6:11 pm
by vahidb93
i had the same problem,my php script was checked by 3 professional programmers,there was not any problem with my script,but some people used chips without buying them,they set their balance from api,i changed the api password several times but it did not help...honestly i was not aware that i can use api whitelist but as i see it wouldn't help
i appriciate any responses that can help me

Re: big bug all verison poker mavens 4.18,4.17,...

PostPosted: Thu Oct 23, 2014 6:33 pm
by Kent Briggs
vahidb93 wrote:i changed the api password several times but it did not help


Then most likely you have API calls being made out in the clear or on a compromised server where someone can see what password is being used.